Just to name a few things we’ve done for this release:
- We’ve written new HOWTO documents for our users
- Considerably improved the speed of all grep plugins
- Replaced Beautiful Soup by the faster libxml2 library
- Introduced the usage of XPATH queries that will allow us to improve performance and reduce false positives
- Fixed hundreds of bugs
On this release you’ll also find that after exploiting a vulnerability youcan leverage that access using our Web Application Payloads, a feature that we developed together with Lucas Apa from Bonsai Information Security. These payloads allow you to escalate privileges and will help you get from a low privileged vulnerability (e.g. local file read) to a remote code execution. In order to try them, exploit a vulnerability, get any type of shell and then run any of the following commands: help, lsp, payload tcp (the last one will show you the open connections in the remote box).